by Dan Brown

from DanBrown Website
 

Digital Fortress,

Phillips Exeter Academy, and the true story behind Dan Brown’s bestseller...

  • A prestigious prep school

  • A powerful intelligence agency

  • A minor indiscretion

  • A major thriller

In the Spring of 1995, on the campus of Phillips Exeter Academy, the U.S. Secret Service made a bust...

  • THE TARGET : A teenage student flagged by a government computer as being a threat to national security.

  • THE CRIME : Sending E-mail to a friend in which he said he thought President Clinton should be shot.

  • THE MISTAKE : The same mistake many Americans make every day...believing that what they say in E-mail is private.

In the wake of the incident, Dan Brown, an English teacher at the school, surprised by the government’s apparent ability to "listen in", began researching the intelligence community’s access to civilian communication. What he stumbled across stunned him... an ultra-secret, $12 billion a year intelligence agency that only 3% of Americans know exists.

This clandestine organization, known as the NSA (jokingly referred to as No Such Agency), employs over 20,000 code-breakers, analysts, technicians, and spies and has a 86-acre compound hidden in Maryland. Founded over half a century ago by President Truman, the NSA’s technology is unrivaled. They have the ability to monitor all of our digital communications--cellular phone, FAX, and E-mail. They are bound by presidential directive to do whatever it takes to protect our national security... including "snoop" our most private conversations if necessary.

Brown coaxed two ex-NSA cryptographers to speak to him via anonymous remailers (an E-mail protocol that ensures both parties privacy), and the cryptographers, each unaware of the other, told identical stories... incredible accounts of NSA submarines that listened in on underwater phone cables, of a terrorist attack on the New York Stock Exchange that never went public, and also of a chilling new NSA technology--a multi-billion dollar supercomputer capable of deciphering even the most secure communications. Nonetheless, the cryptographers sang the praises of the NSA and insisted that ensuring our nation’s security can only be done at the expense of civilian privacy.

"The battle between privacy and security," says Brown, "has no clear-cut answers. The stakes are enormous. All I know is that when I learned the truth about the NSA, I had to write about it."

If he disappears... we’ll know who to blame.


Did You Know?


Some surprising facts about your lack of privacy.

  • In large cities, Americans are photographed on the average of 20 times a day.

  • Everything you charge is in a database that police, among others, can look at.

  • Supermarkets track what you purchase and sell the information to direct-mail marketing firms.

  • Your employer is allowed to read your E-Mail, and if you use your company’s health insurance to purchase drugs, your employer has access to that information.

  • Government computers scan your E-Mail for subversive language.

  • Your cell phone calls can be intercepted, and your access numbers can be cribbed by eavesdroppers with police scanners.

  • You register your whereabouts every time you use an ATM, credit card, or use EZ PASS at a toll booth.

  • You are often being watched when you visit web sites. Servers know what you’re looking at, what you download, and how long you stay on a page.

  • A political candidate found his career destroyed by a newspaper that published a list of all the videos he had ever rented.

  • Most "baby monitors" can be intercepted 100 feet outside the home.

  • Intelligence agencies now have "micro-bots" -- tiny, remote control, electronic "bugs" that literally can fly into your home and look around without your noticing.

  • Anyone with $100 can tap your phone.

  • A new technology called TEMPEST can intercept what you are typing on your keypad (from 100 feet away through a cement wall.)

  • The National Security Agency has a submarine that can intercept and decipher digital communications from the RF emissions of underwater phone cables.

 

Author FAQ - NSA secrets, anecdotes, privacy info, and a surprising look into the future

DIGITAL FORTRESS, the controversial thriller about the ultra-secret U.S. National Security Agency, spent 15 weeks as the #1 national bestselling E-book and was inspired by a true event.

AUTHOR INTERVIEW

"I couldn’t figure out how the Secret Service knew what these kids were saying in their E-mail."

Q: A rather startling event inspired you to write Digital Fortress. Can you elaborate on what happened?

A: A few years ago, I was teaching on the campus of Phillips Exeter Academy in New Hampshire. One Spring day, unannounced, the U.S. Secret Service showed up and detained one of our students claiming he was a threat to national security. As it turned out, the kid had sent private E-mail to a friend saying how much he hated President Clinton and how he thought the president should be shot. The Secret Service came to campus to make sure the kid wasn’t serious. After some interrogation the agents decided the student was harmless, and not much came of it. Nonetheless, the incident really stuck with me. I couldn’t figure out how the secret service knew what these kids were saying in their E-mail.

I began doing some research into where organizations like the Secret Service get their intelligence data, and what I found out absolutely floored me. I discovered there is an intelligence agency as large as the CIA... that only about 3% of Americans knows exists.

It is called the National Security Agency (NSA), and it is home to the country’s eavesdroppers. The agency functions like an enormous vacuum cleaner sucking in intelligence data from around the globe and processing it for subversive material. The NSA’s super-computers scan E-mail and other digital communiqués looking for dangerous word combinations like "kill" and "Clinton" in the same sentence.

The more I learned about this ultra-secret agency and the fascinating moral issues surrounding national security and civilian privacy, the more I realized it was a great backdrop for a novel. That’s when I started writing Digital Fortress.

"The NSA is in charge of waging the information war-- stealing other people’s secrets while protecting our own."

Q: The NSA sounds fascinating, can you tell me more about it?

A: The NSA was founded at 12:01 on the morning of November 4th, 1952 by President Truman. No note of this event was made in the Congressional Record. The NSA’s charge was simple--to intercept and decipher intelligence information from hostile governments around the globe. Secondly, it was to create the means to enable secure communications among U.S. military and officials.

Put another way, the NSA is in charge of waging the information war--stealing other people’s secrets while protecting our own; they are not only the nation’s code-breakers, but also our code-writers. Today the agency has a $12 billion annual budget, about 25,000 employees, and an 86-acre heavily armed compound in Fort Meade, Maryland. It is home to the world’s most potent computers as well as some of the most brilliant cryptographers, mathematicians, technicians, and analysts. Digital Fortress is about a brilliant female cryptographer who works inside these sacred walls.

"Intelligence analysts joke that the acronym ’NSA’ really stands for ’No Such Agency.’"

Q: Why have so few people heard of the NSA?

A: In the novel the intelligence analysts joke that the acronym "NSA" really stands for "No Such Agency" or "Never Say Anything." Seriously though, the NSA is clandestine because it has to be. It is responsible for protecting this nation from some very powerful and hostile forces; often times this involves practices that civilians might find intrusive or immoral.

The NSA is far more effective if it is immune to the public scrutiny that most of the other agencies have to endure. Although not many people have heard of the NSA, that fact is quickly changing. Certainly those people familiar with the intelligence community are aware of the NSA’s existence and general code of conduct. Computer users who are savvy about issues of privacy in the digital age are also more and more aware of the NSA’s existence and practices.

The battle for privacy rights in a digital world is starting to take center stage, and I suspect it will be THE major issue of the next decade. We can all expect to hear a lot more about the NSA as the battle surrounding national security and civilian privacy develops.

"We communicated via anonymous remailers such that our identities remained secret."

Q: How did you get so much information on such a clandestine agency?

A: Much of the data on the NSA is public domain if you know where to dig. James Bamford wrote a superb exposé of the agency, and there are a number of former intelligence sources who have written extensive white-papers on the subject. I was also fortunate to befriend two former NSA cryptographers while researching the book. We communicated via anonymous remailers such that our identities remained secret.

At first, I was surprised with the information they were sharing, and I suspected, despite their obvious knowledge, that they were probably not who they said they were. But the more we spoke, the more I was convinced they were authentic. Neither one knew about the other, and yet they told almost identical stories. When I asked why they were sharing intelligence data with me, the response startled me. One cryptographer put it this way,

"I am a mathematician, not a politician. The NSA’s technologies and practices are necessary, believe me, but their level of secrecy is dangerous. It breeds distrust. I believe it is good for everyone that the agency is gradually coming to the public eye. I am not sharing classified information; the information I am sharing is already out there, but it is skillfully buried. I’m only bringing it to the surface."

"There used to be barriers around information. Technology has changed that."

Q: Ten years ago we never read about privacy rights, now it is an enormous issue. Why?

A: Barriers. There used to be barriers around information. Technology has changed that. It used to be we sent our messages in sealed envelopes with the U.S. postal service; now we E-mail.

Global corporations used to gather for closed-door meetings; now they teleconference. Once we sent important documents with bonded couriers; now we FAX. All of these transfers take place through a vast network of cables and satellites that is impossible to keep entirely secure. Technology has made global communication more efficient, but the down side is that there is a lot more of each of us floating around out there waiting to be intercepted.

"ITT and Western Union were under enormous political pressure to cooperate silently... and they did so."

Q: Does the government really read our E-mail?

A: Government monitoring of civilian communication is something that has been going on for decades. Even though the public is widely unaware, government officials and specialists in privacy-related fields are certainly aware of the practice. The debate over its ethics is complex because a precedent exists that intercepting certain E-mail, cellular phone, and FAX communications can help law-enforcement officials catch dangerous criminals. The question turns into one of civilian privacy vs. national security. In the 1950’s the NSA’s then top-secret Project Shamrock intercepted and scanned all telegrams sent in or out of the country; ITT and Western Union were under enormous political pressure to cooperate silently... and they did so.

Project Shamrock stayed in effect until 1975. Nixon’s Huston Plan and later Project Minaret further relaxed regulations on monitoring civilian communications and even activated enormous watch-lists of U.S. civilians whose communiqués were regularly tapped. Just recently, of course, the FBI caught the infamous hacker Jose Ardita by secretly monitoring computer activity at Harvard University. As you can see, this sort of activity is nothing new.

"The loopholes are obvious..."

Q: But aren’t there laws against intercepting E-mail?

A: Current laws are shaky at best. The Electronic Communications Privacy Act (ECPA) provides that personal E-mail cannot be intercepted while it is in transit. However, once the E-mail is digitally "stored" it is fair game and officials can legally gain access. The irony in the law is that E-mail travels by copying itself from server to server; the moment it is "in transit" it is also stored on servers across the country.

The loopholes are obvious. It’s hard to prove that unwarranted monitoring takes place, but most privacy specialists agree that monitoring is rampant, a point well-taken when you consider the following: Government Incentive -- Terrorist activity against the U.S. is on the rise (some from domestic sources), and the incentive certainly exists to protect national security in anyway possible. It’s Easy - The technology now exists for the government to secretly scan enormous quantities of data very cost effectively. It’s Legal - The current laws are written such that they do not hinder the intelligence agencies in any real way from scanning civilian communications for subversive activity. Historical Precedent - The intelligence community has a long history of protecting national security through domestic intelligence gathering.

Operation Shamrock and Minaret are two examples. Daily Proof - Almost every day there are stories in the news of civilians arrested for child pornography, embezzlement, drug trade, etc. These arrests usually hold up in court based on evidence from intercepted private communications. Officials often have court-orders when they tap E-mail and phones, but it is not difficult to imagine time-sensitive crises where court-orders are not feasible and laws are bent in the name of protecting the common good.

"If I send E-mail that reads, ’Tonight I’m taking out my wife,’ how would you interpret that?"

Q: Most individuals are law-abiding citizens, why should they care if a government agency might be listening in to their personal communications?

A: First, there is the obvious moral issue of whether or not we want to live in an Orwellian society where big brother is peering in from all sides. But more immediate concerns are those of abuse and misinterpretation of data. For example, if I send E-mail that reads, "Tonight I’m taking out my wife," how would you interpret that? Am I treating my wife to a date, or am I killing her? Because language is sometimes ambiguous, it runs the risk of misunderstanding. The results can be disastrous.

"The priest made a single typo that changed his life forever."

Q: Can you give us any "real life" horror stories of instances of abuse or misinterpretation?

A: Absolutely. There is one I heard recently that has become somewhat of an urban legend. Although I can’t vouch for the accuracy of the story, it’s a perfect example of the sorts of things that we now hear happening all the time. Apparently, last year a priest from Utah sent E-mail to his sister in Boston. In his message he mentioned that some local teenagers had stopped by his church that day and baked him brownies. Hoping to impress his sister with his technological wizardry, he borrowed the church’s new digital camera and took a photo of the brownies. Then he attached the photo to his E-mail and sent it off. Of course everything should have been fine.

Alas, it was not. In a cruel twist of fate, while typing his E-mail the priest made a single typo that changed his life forever. While writing the phrase "teenagers baked brownies", instead of typing "B" for baked, he missed and hit the letter "N" (the letter directly next to the "B"), resulting in the phrase "teenagers naked brownies."

Because he had unknowingly typed the words "naked" and "teenagers" next to each other in his E-mail, his message was flagged by a secret government computer scanning for child pornographers on the Internet. To make matters worse (much worse) the priest had attached a photo to his E-mail, so his transmission was flagged top-priority for immediate analysis.

When the task force went to examine the photo, however, they found that the file was corrupt and could not be opened. All they knew was that the photo was entitled "Brownies", and it was sent by a priest who was writing about naked teenagers. They tracked the priest’s identity through his Internet service provider and secretly began investigating his church. They found to their horror that both the Cub Scouts and the Brownies met at there on a regular basis. They concluded that this priest had been sending pictures of naked Brownies... a felony. They arrested him.

"The government is far less intrusive than most forces."

Q: Is the government the only force that pries into our lives?

A: Absolutely not. In fact, the government is far less intrusive than most forces. With the evolution of the personal computer, small companies and even individuals can now keep track of enormous databanks. Can you imagine ten years ago your neighborhood grocer making a note of every single item you as a customer purchased? Now it happens automatically at the check-out scanners. If you buy groceries with a credit or debit card, a detailed record of your personal purchasing preferences is instantly cataloged. Marketing agencies pay top dollar for these lists.

"Even our simplest daily actions are recorded and can come back to haunt us."

Q: Can you give us other examples of how we are spied on?

A: The list is endless. Aside from the cameras that are trained on us at all ATM’s, toll-booths, and large department stores, there is plenty of subtle spying. Sweepstakes are a good example. If you enter $100,000 dollar sweepstakes, you should be aware that the company sponsoring the sweepstakes will make ten times that much selling your personal information to direct-mail marketing firms. Another example is the ubiquitous "free blood pressure clinic." Many of these clinics are set up NOT to check your blood pressure but rather to gather prospecting lists for pharmaceutical companies.

The world-wide-web is anything but private. Many computer users still don’t realize that the web sites they visit will, in many cases, track their progress through the site--how long a user stays, what he lingers over, what files he downloads. If you’re visiting sites on the web that you don’t want anyone to know you’re visiting, you better think again.

Even our simplest daily actions are recorded and can come back to haunt us. One of my favorite stories is of a political race in California in which a candidate was running on a platform of conservative family values. His challenger simply went to the man’s local Blockbuster Video and tipped the clerk $100 to print out a list of every movie the candidate’s family had ever rented. The list contained some titles that were by no means Disneyesque. He leaked the list to the papers, and the election was over before it began.

"Ultimately, the price we pay for national security will be an almost total loss of privacy."

Q: What’s in store for us in the future, more or less privacy?

A: Less. Every day, civilians have fewer and fewer secrets, and it’s only going to get worse. The world has become a dangerous place, and our security is harder to protect. Criminals have access to the same technology we do. If we want the government to catch terrorists who use E-mail or cellular phones, we have to provide a means for them to monitor these types of communication.

There are plenty of very sharp folks who are working hard to find some happy medium-- key escrow systems that would enable officials to monitor communications only with a court order--but despite all the efforts to leave the public some semblance of secrecy, ultimately the price we pay for national security will be an almost total loss of privacy.

"Currently, criminals can obtain the necessary level of anonymity to commit their crimes. That is changing."

Q: Is this death of privacy all bad news?

A: Not entirely. Many people will want my head for saying that, but if you think about it, most of the bad things that occur in society happen because people have privacy -- that is to say, criminals can obtain the necessary level of anonymity to commit their crimes.

One needs privacy to break the law and get away with it. Child molesters, terrorists, organized criminals--- they all work in private. If their communications and daily activities are less clandestine, they will not last long. Of course, there is the obvious question of whether or not we trust the law-enforcement officials who are listening in.

Whether or not we trust those people we’ve elected to watch over us is a question asked by the antagonist in Digital Fortress--"Quis custodiet ipsos custodes," he quotes -- "Who will guard the guards?"

"Ultimately, privacy will not survive the digital revolution."

Q: Isn’t there any way to protect ourselves from prying eyes?

A: Ultimately, privacy will not survive the digital revolution. We live in a society experiencing exponential technological growth. Within the decade, most of our daily activities will be conducted through our home computers-- paying taxes, voting, shopping, all of our entertainment, movie-downloads will replace videos, music downloads will replace CD’s... all of this personal information will be zipping around between satellites and through cables...it would be naive to believe that we will develop some foolproof method of keeping all this information secure.

"The important thing for us to do is to ensure that the death of privacy is bilateral."

Q: How should we prepare ourselves for the end of privacy?

A: The important thing for us to do is to ensure that the death of privacy is bilateral--that is, that while snoopers know more about us, we know more about them. If a supermarket or clinic is selling our personal information, we should know to whom. If a web site plans to watch our every move, we should be warned before we enter the site.

"The death of privacy may have some wonderful side effects we don’t yet imagine--it may just make us a more moral society..."

Q: The scenario sounds grim. Can you leave us with any words of hope?

A: Sure. The death of privacy may have some wonderful side effects we don’t yet imagine--it may just make us a more moral society. If we are more visible to our peers, our behavior as a society will undoubtedly improve. Think about it... if your whole town knows when you are on the Internet sneaking a peek at Lois Lane in her underwear, you might just decide to do something else... maybe even curl up with a good book.


The NSA - Links to the NSA’s official site as well as other intelligence resources (courtesy of FAS)

N.287 dated 9 May 1996
page 2
The Best U.S. Intelligence Web Site


The best Internet site on the American intelligence community is undoubtedly one run by the Federation of American Scientists (FAS) which has been fighting a long battle to declassify secrets that no longer need to be kept in the Cold War’s aftermath (Project on Government Secrecy-PGS) and to encourage an overhaul of intelligence services (Intelligence Reform Project-IRP). The site offers a lot of striking documents and pictures. In their pages, Steven Aftergood and John Pike, leading figures in PGS and IRP, show satellite images (with resolutions from 10 to 1 meter) of the main buildings housing American intelligence agencies as well as pictures of the same premises and maps indicating their exact location.

When the Brown commission published its report on reforms in American intelligence on March 1 it recommended that the community’s budget not be disclosed. By cross-checking several documents and using reverse engineering methods, FAS published a relatively precise estimate of what is effectively the community’s budget of around $28 billion (a detailed analysis with maps and tables is available on http://www.fas.org/irp/commission/budget.htm). President Bill Clinton indirectly paid tribute to that effort on April 23 by suggesting that Congress adopt a bill to make the budget public.

Drawing on open sources, Pike also drew up a first directory of 160 companies that work for American intelligence (http://www.fas.org/irp/contract.html). The directory is constantly updated on the web. Recently, FAS persuaded John Deutch to make the Director of Central Intelligence’s report for 1994 public and published it in March on its site (http://www.fas.org/irp/cia94.htm)

In addition, Aftergood publishes a newsletter entitled Secrecy & Government Bulletin (SG&B) every month. Now in its fifth year, the publication has produced a number of major scoops ever since it revealed the existence of an on-going Special Access Program for the first time in 1991. Named Timber Wind, the project to build a nuclear-powered engine for a rocket was finally scrapped. SG&B is currently financed by the Rockefeller Family Fund, the CS Fund and several other donors. But it is seeking fresh funding in order to continue its work.

 

Someone Is Listening - An overview of the battle...

Excerpt from the L.A. TIMES

"DEMANDING THE ABILITY TO SNOOP"
By Robert Lee Hotz
TIMES SCIENCE WRITER

Someone Is Listening...

When Charles and Diana discovered millions of people were reveling in their most intimate telephone calls, the world’s most public couple had to face the facts of private life in the electronic age.

In a world of cellular phones, computer networks, electronic mail and interactive TV, the walls might as well have ears.

With the explosion of such devices, more people and companies -- from banks to department stores -- seem to have more access to more information that someone wants to keep private. In response, computer users are devising their own electronic codes to protect such secrets as corporate records, personal mail or automated teller transactions.

Historically, the biggest ears have belonged to the federal government, which has used surveillance techniques designed to track down criminals and security risks to keep electronic tabs on subjects ranging from civil rights leaders to citizens making overseas calls.

But, today, federal officials are afraid that advanced technology, which for almost 50 years has allowed them to conduct surveillance on a global scale, is about to make such monitoring impossible.

Now, federal intelligence and law enforcement agencies are insisting on their right to eavesdrop.

The government is proposing a standardized coding, or encryption, system that would eliminate eavesdropping by anyone except the one holder of the code’s key -- the government itself.

To ensure that federal agents and police can continue to wiretap communications, the National Institute of Standards and Technology (NIST) is introducing a national electronic code. It will cover all telephone systems and computer transmissions, with a built-in back door that police can unlock with a court order and an electronic key.

White House and FBI officials insist they have no way to force any company to adopt the new technology. They will not outlaw other forms of coding, they said.

But experts say a series of regulatory actions involving Congress, the State Department, the U.S. attorney general, export licensing restrictions and the purchasing power of the federal government will effectively force people to use the code.

The government’s plan has triggered an outcry among computer users, civil rights groups and others. The American Civil Liberties Union and groups of computer professionals say the plan raises major constitutional questions. Federal laws are designed to limit the government’s ability to wiretap, not guarantee it, they say.

"Where does the U.S. government get the right to understand everything that is transmitted?" asked Michel Kabay, director of education for the National Computer Security Assn. in Carlisle, Pa.

Not so many years ago, powerful encryption techniques were the monopoly of military and intelligence agencies. Over time, computer experts and corporate cryptographers created codes to protect their private communications. Some of these scramble electronic signals so thoroughly that even the supercomputers of the National Security Agency cannot decipher them. One of the best codes, called Pretty Good Privacy, is free and can be downloaded from computer network libraries around the world -- yet it still contains safeguards that protect its secrets from prying eyes.

Combined with advances in fiber optics and digital communications, these codes enable people to send electronic mail, computer files and faxes the government cannot read, and to make phone calls even the most sophisticated wiretapper cannot understand.

As new technologies converge to form the roadbed of a national information superhighway, the government faces the prospect of millions of people around the world communicating in the absolute privacy of the most secure codes science can devise.

At the same time, hundreds of phone companies channel calls through new digital switches into long-distance fiber-optic cables where, translated into light-speed laser pulses, they may elude interception more easily. Dozens of other companies are organizing global wireless digital networks to send phone calls, faxes and computer files over the airwaves to people no matter where they are or how often they move.

Given all this, NIST officials say the new code, called Skipjack, is the government’s attempt to strike a balance between personal privacy and public safety.

They say it will protect people from illicit eavesdropping, while allowing an authorized government agent to unlock any scrambled call or encrypted computer message. It could be incorporated into virtually every computer modem, cellular phone and telecommunications system manufactured in the United States.

Designed by the National Security Agency, which conducts most of the country’s communications surveillance, the code is one facet of an ambitious government blueprint for the new information age.

But critics say the code is just one of several steps by federal law enforcement groups and intelligence agencies to vastly expand their ability to monitor all telecommunications and to access computer databases.

Federal officials acknowledge that they are even considering the idea that foreign governments should be given the keys to unlock long-distance calls, faxes and computer transmissions from the United States. An international agency, supervised by the United Nations or Interpol, might be asked to hold in trust the keys to electronic codes, said Clint Brooks, a senior NSA technical adviser.

The Skipjack furor pits the White House, the FBI and some of the government’s most secret agencies against privacy advocates, cipher experts, business executives and ragtag computer-zoids who say codes the government cannot break are the only way to protect the public from the expanding reach of electronic surveillance.

On the computer networks that link millions of users and self-styled Cypherpunks -- a group of encryption specialists -- the federal proposal has stirred fears of an electronic Big Brother and the potential abuse of power.

"It really is Orwellian when a scheme for surveillance is described as a proposal for privacy," said Marc Rotenberg, Washington director of Computer Professionals for Social Responsibility.

Encryption is the art of concealing information in the open by hiding it in a code. It is older than the alphabet, which is itself a code that almost everyone knows how to read.

Today, electronic codes conceal trade secrets, protect sensitive business calls and shelter personal computer mail. They also scramble pay-per-view cable television programs and protect electronic credit card transactions.

Everyone who uses an automated teller machine is entrusting financial secrets to an electronic code that scrambles transmissions between the automated teller and the bank’s main computer miles away. One inter-bank network moves $1 trillion and 1 million messages around the world every day, swaddled in the protective cocoon of its code.

Nowhere has the demand for privacy grown so urgent as on the international confederation of computer systems known as the Internet. There, in a proving ground for the etiquette of electronic communication, millions of people in dozens of countries are adopting codes to protect their official business, swap gossip and exchange personal notes elbow-to-elbow in the same crowded electronic bazaar.

"People have been defending their own privacy for centuries with whispers, darkness, envelopes, closed doors, secret handshakes and couriers," said Eric Hughes, moderator of the Cypherpunks, an Internet group that specializes in encryption.

 

"We are defending privacy with cryptography, with anonymous mail-forwarding systems, with digital signatures and with electronic money."

And it’s working. The technology is leaving law enforcement behind.

Federal officials who defend the Skipjack plan say they are worried about too much privacy in the wrong hands.

"Are we going to let technology repeal this country’s wiretap laws?" asked James K. Kallstrom, FBI chief of investigative technology. Under U.S. law, any wiretap not sanctioned by a court order is a felony.

Federal law enforcement agencies and intelligence groups were galvanized last fall when AT&T introduced the first inexpensive mass-market device to scramble phone calls. The scrambler contains a computer chip that generates an electronic code unique to each conversation.

FBI officials paled at what they said was the prospect of racketeers, drug dealers or terrorists being able to find sophisticated phone scramblers to code and decode calls at the nearest phone store.

National security analysts and Defense Department officials say U.S. intelligence agencies find the new generation of computer encryption techniques especially unsettling. It promises to make obsolete a multibillion-dollar investment in secret surveillance facilities and spy satellites.

"We would have the same concerns internationally that law enforcement would have domestically about uncontrolled encryption," said Stewart A. Baker, NSA general counsel.

NSA officials are reluctant to discuss their surveillance operations, but they said they would not want terrorists or anyone else "targeting the United States" to be able to communicate in the secrecy provided by unbreakable modern codes.

The Clinton Administration is expected to advise telecommunications and computer companies this fall to adopt the Skipjack code as a new national encryption standard used by the government, the world’s largest computer user, and anyone who does business with it.

The government also will be spending billions in the next 10 years to promote a public network of telecommunications systems and computer networks called the National Information Infrastructure. Any firm that wants to join will have to adopt the Skipjack code.

Skipjack is being offered to the public embedded in a tamper-proof, $26 computer circuit called the Clipper Chip. It is produced by Mykotronx Inc., a computer company in Torrance. To make it easier for agents to single out the proper conversation in a stream of signals, every Clipper Chip has its own electronic identity and broadcasts it in every message it scrambles.

Federal agents conducting a court-authorized wiretap can identify the code electronically and then formally request the special keys that allow an outsider to decipher what the chip has scrambled.

Federal officials say they expect companies to incorporate the chip into consumer phone scramblers, cellular phones and "secure" computer modems. Within a few years, FBI officials say, they expect the Skipjack code to be part of almost every encryption device available to the average consumer.

Many companies say they are leery of adopting the sophisticated electronic code, even though it could protect them from foreign intelligence agencies and competitors seeking their trade secrets. But AT&T, which has a long history of cooperating with the government on communications surveillance, has already agreed to recall the company’s consumer scramblers and refit them this fall with the new chip.

Even without Skipjack and the Clipper Chip, advanced computers and electronic databases already have expanded government’s ability to track and monitor citizens.

Searches of phone records, computer credit files and other databases are at an all-time high, and court-authorized wiretaps -- which listened in on 1.7 million phone conversations last year -- monitor twice as many conversations as a decade ago, federal records show.

The General Accounting Office says that federal agencies maintain more than 900 databanks containing billions of personal records about U.S. citizens.

This type of easy access to electronic information is addictive, critics contend.

Since the FBI set up its computerized National Criminal Information Center in 1967, for example, information requests have grown from 2 million a year to about 438 million last year, and the criminal justice database itself now encompasses 24 million files.

The FBI records system, like computer files at the Internal Revenue Service, is "routinely" used for unauthorized purposes by some federal, state and local law enforcement agencies, the General Accounting Office (GAO) said.

GAO auditors found that some police agencies have used the FBI system to investigate political opponents. Others have sold FBI information to companies and private investigators. In Arizona, a former law enforcement official used it to track down his estranged girlfriend and kill her, the auditors reported.

What the government can’t find in its own files, it can obtain from any one of hundreds of marketing firms that specialize in compiling electronic dossiers on citizens. The FBI is seeking authority from Congress to obtain those records without consulting a judge or notifying the individual involved, which is required now.

Information America, for example, offers data on the location and profiles of more than 111 million Americans, 80 million households and 61 million telephone numbers. Another firm specializes in gay men and lesbians.

A third, a service for doctors called Patient Select, singles out millions of people with nervous stomachs.

Computer experts say encryption can draw a curtain across such electronic windows into private life.

In fact, the FBI is planning to encrypt its criminal justice computer files.

"Recent years have seen technological developments that diminish the privacy available to the individual," said Whitfield Diffie, a pioneering computer scientist who helped invent modern cryptography.

 

"Cameras watch us in the stores, X-ray machines search us at the airport, magnetometers look to see that we are not stealing from the merchants, and databases record our actions and transactions.

"Cryptography," he said, "is perhaps alone in its promise to give us more privacy rather than less."

NEXT: Inside the company that makes the secret chip.

Scrambling for Privacy

As more people and companies adopt codes to protect their telephone calls, faxes and computer files, the federal government has proposed a national encryption standard that will allow people to protect their privacy while ensuring that law enforcement agents can still wiretap telecommunications. Here is how it would work:

  • When someone using a Skipjack-equipped secure phone calls another secure phone, chips inside the phone generate a unique electronic code to scramble the conservation.

  • The chip also broadcasts a unique identifying serial number.

  • If a law enforcement agent wants to listen in, he first must obtain a court order and the get the chip’s serial number from the signal.

  • The agent obtains takes that number to the Treasury Department and the National Institute of Standards and Technology, which keep the government’s digital keys to the chip.

  • The keys are combined to unscramble the conversation. When legal authorization for the wiretap expires, the keys are destroyed.

    • Two 80-digit random strings of zeros and ones are selected.

    • They are factored together to form the chip’s unique key the key is then split in half.

    • Each half is paired with the serial number of the chip to form two keys.

    • One is kept by the Treasury Department and the other by the National Institute of Standards and Technology.

  • Sources: U.S. National Security Agency, Mykotronx Inc.

Someone Is Listening

To eavesdrop on a telephone conversation, law enforcement agents must obtain a court order, but they can use other devices, such as so-called pen registers, that record incoming or outgoing telephone numbers without actually listening to the calls.

WIRETAP COURT ORDERS

From 1985 through 1991, court-ordered wiretaps resulted in 7,324 convictions and nearly $300 million in fines. A single court order can involve many telephones. This data includes federal and state orders, but does not include many national security wiretaps.

1985: 784

1986: 754

1987: 673

1988: 738

1989: 763

1990: 872

1991: 856

1992: 919 *

MONITORING PHONE ACTIVITY

Pen registers are devices that record only the outgoing numbers dialed on a telephone under surveillance. Below are the number of pen registers in use, by year.

1987: 1,682

1988: 1,978

1989: 2,384

1990: 2,353

1991: 2,445

1992: 3,145

Sources: Administrative Office of the U.S. Courts, U.S. Justice Department, House Judiciary Committee


Turning Cell Phones Into Ankle Bracelets
Report on how cellular phones will soon be used by government officials to track your whereabouts

’E911’ Turns Cell Phones into Tracking Devices
by Chris Oakes
3:10pm 6.Jan.98.PST

Cell phones will be taking on a new role in 1998, beginning a slow transition to becoming user tracking devices. The outcome of this shift reassures some, but has others calling for restrictions on how cell-locating information can be used.

The impending first phase of the FCC’s rules is aimed at enabling emergency services personnel to quickly get information on the location of a cell phone user in the event of a 911 call. By April, all cellular and personal communications services providers will have to transmit to 911 operators and other "public safety answering points" the telephone number and cell site location of any cell phone making a 911 call.

The aim of the law is to bring to cell phone users the same automatic-locating capability that now exists with wireline phones. But while the FCC’s aim is simple on the surface - to make it easier for medical, fire, and police teams to locate and respond to callers in distress - the technology is also giving rise to concerns over the ease with which the digital age and its wireless accouterments are bringing to tracking individuals.

"The technology is pretty much developing to create a more and more precise location information. The key question for us is ’what is the legal standard for government access?’" says James Dempsey, senior staff counsel at the Center for Democracy and Technology (CDT)

Those seeking restrictions on the use of cell phone tracking information emphasize that, unlike the stationary wireline phones, a cell phone is more specifically associated with an individual and their minute-by-minute location.

In December, the FCC began requiring wireless providers to automatically patch through any emergency calls made through their networks. Subscriber or not, bills paid or unpaid, anyone with a cell phone and a mobile identification number was thus guaranteed to see their 911 calls completed.

1998 brings new rules into place that take that initial action much further. By April, emergency service personnel will receive more than just the call - they’ll also get the originating cell phone’s telephone number and, more significantly, the location of the cell site that handled the call.

The FCC’s "Enhanced 911 services" requirements that wireless providers make this information available is the beginning of a tracking system that by 2001 will be able to locate a phone within a 125-meter radius.

To provide this precise location information, Jeffrey Nelson of the Cellular Telecommunications Industry Association says different carriers will choose different methods of gathering location information, but all of them involve detecting the radio frequencies sent from the phone to service antennas. Because a phone sends additional signals to other antennas in addition to the primary one, "triangulation" lets them calculate the caller’s whereabouts within that multi-antenna region. All this happens automatically when a cell phone is turned on.

The upshot, Nelson says, is that cellular callers will "be able to make a call to 911 or the appropriate emergency number without having to explain where they are." He cites a case in which a woman stranded in a blizzard, unable to tell where she was, was located by use of her cell phone. Various systems are being tested by most providers, he reports, but many are already working with methods to provide such location information today.

But this tracking issue has privacy advocates seeking preventive legislation to see that the instant accessibility of the information to emergency units doesn’t just as easily deliver the same tracking information to law enforcement agencies - from local police on up to the FBI.

"The FCC has been in the picture from the 911 perspective," says Dempsey of the Center for Democracy and Technology.

But to him, this obvious emergency benefit of E911 necessitates legal action to draw boundaries around its use by other organizations, namely law enforcement.

That’s where the issue runs into the same waters as the controversy surrounding the expansion of the Communications Assistance for Law Enforcement Act (CALEA). That 1994 law was meant to keep communications companies from letting the advancement of digital and wireless technology become an obstacle to the surveillance needs of law enforcement agencies. But the CDT and the Electronic Frontier Foundation, among others, have argued that as CALEA undergoes actual implementation (a process that is still ongoing), the FBI is seeking to expand its surveillance capabilities by seeking unjust specifications for phone systems’ compliance with the law.

Dempsey wants to see both CALEA and the new E911 requirements be implemented with clear restrictions on the ability of law enforcement to tap into personal information on users, especially their whereabouts at any one time.

With the implementation of E911, Dempsey says that in effect,

"your phone has become an ankle bracelet. Therefore we are urging the standard for government access be increased to a full probable cause standard. [Law enforcement agencies] have to have suspicion to believe that the person they are targeting is engaged in criminal activity."

Currently, he says, to get a court order allowing the surveillance of cell phone use, law enforcement only has to prove that the information sought - not the individual - is relevant to an ongoing investigation.

"It says to law enforcement you’ve got to have a link between the person you’re targeting and the crime at issue," Dempsey says. "It cannot be a mere fishing expedition."

While the CDT and others seek beefed-up constitutional restrictions on the ability for law enforcement to obtain court orders in such cases, the FBI says the process for obtaining such court orders is already adequate.

"We work under the strict provisions of the law with regard to our ability to obtain a court order," said Barry Smith, supervisory special agent in the FBI’s office of public affairs.

 

"Law enforcement’s access to [cell phone data] falls very much within the parameters of the Fourth Amendment."

He also says that under CALEA, the call data the FBI seeks does not provide the specific location of a wireless phone.

The FCC and its E911 requirements are distinct from CALEA, but because they offer the ultimate form of tracking information - far more instantly and explicitly than the FBI is seeking in the implementation of CALEA, E911 may be ripe for access by law enforcement for non-emergency needs.

As for the distinction between the dispute over CALEA and the FCC’s E911 services, Smith says the latter has nothing to do with the FBI. "There’s not any crossover between the two."

But, says Dempsey, when law enforcement serves a court order, they could get location information through the requirements established by E911.


Spying in Europe

 

The Echelon System

ECHELON article From Eurobytes

From London Daily Telegraph

ONLINE SURVEILLANCE

Rumors have abounded for several years of a massive system designed to intercept virtually all email and fax traffic in the world and subject it to automated analysis, despite laws in many nations (including this one) barring such activity. The laws were circumvented by a mutual pact among five nations. It’s illegal for the United States to spy on it’s citizens. Likewise the same for Great Britain. But under the terms of the UKUSA agreement, Britain spies on Americans and America spies on British citizens and the two groups trade data. Technically, it may be legal, but the intent to evade the spirit of the laws protecting the citizens of those two nations is clear.

The system is called ECHELON, and had been rumored to be in development since 1947, the result of the UKUSA treaty signed by the governments of the United States, the United Kingdom, Canada, Australia and New Zealand.

The purpose of the UKUSA agreement was to create a single vast global intelligence organization sharing common goals and a common agenda, spying on the world and sharing the data. The uniformity of operation is such that NSA operatives from Fort Meade could work from Menwith Hill to intercept local communications without either nation having to formally approve or disclose the interception.

ECHELON intercept station at Menwith Hill, England.
 


What is ECHELON used for?

In the days of the cold war, ECHELON’s primary purpose was to keep an eye on the U.S.S.R. In the wake of the fall of the U.S.S.R. ECHELON justifies it’s continued multi-billion dollar expense with the claim that it is being used to fight "terrorism", the catch-all phrase used to justify any and all abuses of civil rights.

With the exposure of the APEC scandal, however, ECHELON’s capabilities have come under renewed scrutiny and criticism by many nations. Although not directly implicated in the bugging of the Asia Pacific Economic Conference in Seattle, the use of so many U.S. Intelligence agencies to bug the conference for the purpose of providing commercial secrets to DNC donors raised the very real possibility that ECHELON’s all-hearing ears were prying corporate secrets loose for the advantage of the favored few.

Given that real terrorists and drug runners would always use illegal cryptographic methods anyway, the USA led attempt to ban strong crypto to the general populace seemed geared towards keeping corporate secrets readable to ECHELON, rather than any real attempt at crime prevention.

The cover blows off!

Even close allies do not like it when they are being spied on. Especially if the objective is not law enforcement but corporate shenanigans to make rich politicians just that much richer. So, the Civil Liberties Committee of the European Parliament looked into ECHELON, and officially confirmed it’s existence and purpose.

 

Here is the article that ran in the London Telegraph

Tuesday 16 December 1997
Issue 936
Spies like US

 

A European Commission report warns that the United States has developed an extensive network spying on European citizens and we should all be worried. Simon Davies reports:

Cooking up a charter for snooping

A GLOBAL electronic spy network that can eavesdrop on every telephone, email and telex communication around the world will be officially acknowledged for the first time in a European Commission report to be delivered this week.

The report - Assessing the Technologies of Political Control - was commissioned last year by the Civil Liberties Committee of the European Parliament. It contains details of a network of American-controlled intelligence stations on British soil and around the world, that "routinely and indiscriminately" monitor countless phone, fax and email messages.

It states:

"Within Europe all email telephone and fax communications are routinely intercepted by the United States National Security Agency transferring all target information from the European mainland via the strategic hub of London then by satellite to Fort Meade in Maryland via the crucial hub at Menwith Hill in the North York moors in the UK."

The report confirms for the first time the existence of the secretive ECHELON system.

Until now, evidence of such astounding technology has been patchy and anecdotal. But the report - to be discussed on Thursday by the committee of the office of Science and Technology Assessment in Luxembourg - confirms that the citizens of Britain and other European states are subject to an intensity of surveillance far in excess of that imagined by most parliaments. Its findings are certain to excite the concern of MEPs.

"The ECHELON system forms part of the UKUSA system (Cooking up a charter for snooping) but unlike many of the electronic spy systems developed during the Cold War, ECHELON is designed primarily for non-military targets: governments, organizations and businesses in virtually every country.

"The ECHELON system works by indiscriminately intercepting very large quantities of communications and then siphoning out what is valuable using artificial intelligence aids like MEMEX to find key words".

According to the report, ECHELON uses a number of national dictionaries containing key words of interest to each country.

For more than a decade, former agents of US, British, Canadian and New Zealand national security agencies have claimed that the monitoring of electronic communications has become endemic throughout the world. Rumors have circulated that new technologies have been developed which have the capability to search most of the world’s telex, fax and email networks for "key words". Phone calls, they claim, can be automatically analyzed for key words.

Former signals intelligence operatives have claimed that spy bases controlled by America have the ability to search nearly all data communications for key words. They claim that ECHELON automatically analyses most email messaging for "precursor" data which assists intelligence agencies to determine targets. According to former Canadian Security Establishment agent Mike Frost, a voice recognition system called Oratory has been used for some years to intercept diplomatic calls.

The driving force behind the report is Glyn Ford, Labour MEP for Greater Manchester East. He believes that the report is crucial to the future of civil liberties in Europe.

"In the civil liberties committee we spend a great deal of time debating issues such as free movement, immigration and drugs. Technology always sits at the centre of these discussions. There are times in history when technology helps democratize, and times when it helps centralize. This is a time of centralization. The justice and home affairs pillar of Europe has become more powerful without a corresponding strengthening of civil liberties."

The report recommends a variety of measures for dealing with the increasing power of the technologies of surveillance being used at Menwith Hill and other centers. It bluntly advises:

"The European Parliament should reject proposals from the United States for making private messages via the global communications network (Internet) accessible to US intelligence agencies."

The report also urges a fundamental review of the involvement of the American NSA (National Security Agency) in Europe, suggesting that their activities be either scaled down, or become more open and accountable.

Such concerns have been privately expressed by governments and MEPs since the Cold War, but surveillance has continued to expand. US intelligence activity in Britain has enjoyed a steady growth throughout the past two decades. The principal motivation for this rush of development is the US interest in commercial espionage. In the Fifties, during the development of the "special relationship" between America and Britain, one US institution was singled out for special attention.

The NSA, the world’s biggest and most powerful signals intelligence organization, received approval to set up a network of spy stations throughout Britain. Their role was to provide military, diplomatic and economic intelligence by intercepting communications from throughout the Northern Hemisphere.

The NSA is one of the shadowiest of the US intelligence agencies. Until a few years ago, it existence was a secret and its charter and any mention of its duties are still classified. However, it does have a Web site (www.nsa.gov:8080) in which it describes itself as being responsible for the signals intelligence and communications security activities of the US government.

One of its bases, Menwith Hill, was to become the biggest spy station in the world. Its ears - known as radomes - are capable of listening in to vast chunks of the communications spectrum throughout Europe and the old Soviet Union.

In its first decade the base sucked data from cables and microwave links running through a nearby Post Office tower, but the communications revolutions of the Seventies and Eighties gave the base a capability that even its architects could scarcely have been able to imagine. With the creation of Intelsat and digital telecommunications, Menwith and other stations developed the capability to eavesdrop on an extensive scale on fax, telex and voice messages. Then, with the development of the Internet, electronic mail and electronic commerce, the listening posts were able to increase their monitoring capability to eavesdrop on an unprecedented spectrum of personal and business communications.

This activity has been all but ignored by the UK Parliament. When Labour MPs raised questions about the activities of the NSA, the Government invoked secrecy rules. It has been the same for 40 years.

Glyn Ford hopes that his report may be the first step in a long road to more openness.

"Some democratically elected body should surely have a right to know at some level. At the moment that’s nowhere".

Copyright Telegraph Group Limited 1997. Terms & Conditions of reading.
Information about Telegraph Group Limited and Electronic Telegraph.
"Electronic Telegraph" and "The Daily Telegraph" are trademarks of Telegraph Group Limited.

These marks may not be copied or used without permission.

Information for webmasters linking to Electronic Telegraph.


 

 

FROM "COVERT ACTION" QUARTERLY

 

EXPOSING THE GLOBAL SURVEILLANCE SYSTEM
by Nicky Hager

 

IN THE LATE 1980S, IN A DECISION IT PROBABLY REGRETS, THE US PROMPTED NEW ZEALAND TO JOIN A NEW AND HIGHLY SECRET GLOBAL INTELLIGENCE SYSTEM. HAGER’S INVESTIGATION INTO IT AND HIS DISCOVERY OF THE ECHELON DICTIONARY HAS REVEALED ONE OF THE WORLD’S BIGGEST, MOST CLOSELY HELD INTELLIGENCE PROJECTS. THE SYSTEM ALLOWS SPY AGENCIES TO MONITOR MOST OF THE WORLD’S TELEPHONE, E-MAIL, AND TELEX COMMUNICATIONS.

For 40 years, New Zealand’s largest intelligence agency, the Government Communications Security Bureau (GCSB) the nation’s equivalent of the US National Security Agency (NSA) had been helping its Western allies to spy on countries throughout the Pacific region, without the knowledge of the New Zealand public or many of its highest elected officials. What the NSA did not know is that by the late 1980s, various intelligence staff had decided these activities had been too secret for too long, and were providing me with interviews and documents exposing New Zealand’s intelligence activities. Eventually, more than 50 people who work or have worked in intelligence and related fields agreed to be interviewed.

The activities they described made it possible to document, from the South Pacific, some alliance-wide systems and projects which have been kept secret elsewhere. Of these, by far the most important is ECHELON.

Designed and coordinated by NSA, the ECHELON system is used to intercept ordinary e-mail, fax, telex, and telephone communications carried over the world’s telecommunications networks. Unlike many of the electronic spy systems developed during the Cold War, ECHELON is designed primarily for non-military targets: governments, organizations, businesses, and individuals in virtually every country. It potentially affects every person communicating between (and sometimes within) countries anywhere in the world.

It is, of course, not a new idea that intelligence organizations tap into e-mail and other public telecommunications networks. What was new in the material leaked by the New Zealand intelligence staff was precise information on where the spying is done, how the system works, its capabilities and shortcomings, and many details such as the codenames.

The ECHELON system is not designed to eavesdrop on a particular individual’s e-mail or fax link. Rather, the system works by indiscriminately intercepting very large quantities of communications and using computers to identify and extract messages of interest from the mass of unwanted ones. A chain of secret interception facilities has been established around the world to tap into all the major components of the international telecommunications networks. Some monitor communications satellites, others land-based communications networks, and others radio communications. ECHELON links together all these facilities, providing the US and its allies with the ability to intercept a large proportion of the communications on the planet.

The computers at each station in the ECHELON network automatically search through the millions of messages intercepted for ones containing pre-programmed keywords. Keywords include all the names, localities, subjects, and so on that might be mentioned. Every word of every message intercepted at each station gets automatically searched whether or not a specific telephone number or e-mail address is on the list.

The thousands of simultaneous messages are read in "real time" as they pour into the station, hour after hour, day after day, as the computer finds intelligence needles in telecommunications haystacks.
 

SOMEONE IS LISTENING

The computers in stations around the globe are known, within the network, as the ECHELON Dictionaries. Computers that can automatically search through traffic for keywords have existed since at least the 1970s, but the ECHELON system was designed by NSA to interconnect all these computers and allow the stations to function as components of an integrated whole. The NSA and GCSB are bound together under the five-nation UKUSA signals intelligence agreement. The other three partners all with equally obscure names are:

  • the Government Communications Headquarters (GCHQ) in Britain

  • the Communications Security Establishment (CSE) in Canada

  • the Defense Signals Directorate (DSD) in Australia

The alliance, which grew from cooperative efforts during World War II to intercept radio transmissions, was formalized into the UKUSA agreement in 1948 and aimed primarily against the USSR. The five UKUSA agencies are today the largest intelligence organizations in their respective countries. With much of the world’s business occurring by fax, e-mail, and phone, spying on these communications receives the bulk of intelligence resources. For decades before the introduction of the ECHELON system, the UKUSA allies did intelligence collection operations for each other, but each agency usually processed and analyzed the intercept from its own stations.

Under ECHELON, a particular station’s Dictionary computer contains not only its parent agency’s chosen keywords, but also has lists entered in for other agencies. In New Zealand’s satellite interception station at Waihopai (in the South Island), for example, the computer has separate search lists for the NSA, GCHQ, DSD, and CSE in addition to its own. Whenever the Dictionary encounters a message containing one of the agencies’ keywords, it automatically picks it and sends it directly to the headquarters of the agency concerned. No one in New Zealand screens, or even sees, the intelligence collected by the New Zealand station for the foreign agencies. Thus, the stations of the junior UKUSA allies function for the NSA no differently than if they were overtly NSA-run bases located on their soil.

The first component of the ECHELON network are stations specifically targeted on the international telecommunications satellites (Intelsats) used by the telephone companies of most countries. A ring of Intelsats is positioned around the world, stationary above the equator, each serving as a relay station for tens of thousands of simultaneous phone calls, fax, and e-mail. Five UKUSA stations have been established to intercept the communications carried by the Intelsats.

ECHELON Station in Morwenstow, UK

 

The British GCHQ station is located at the top of high cliffs above the sea at Morwenstow in Cornwall. Satellite dishes beside sprawling operations buildings point toward Intelsats above the Atlantic, Europe, and, inclined almost to the horizon, the Indian Ocean. An NSA station at Sugar Grove, located 250 kilometers southwest of Washington, DC, in the mountains of West Virginia, covers Atlantic Intelsats transmitting down toward North and South America. Another NSA station is in Washington State, 200 kilometers southwest of Seattle, inside the Army’s Yakima Firing Center. Its satellite dishes point out toward the Pacific Intelsats and to the east. *1

The job of intercepting Pacific Intelsat communications that cannot be intercepted at Yakima went to New Zealand and Australia. Their South Pacific location helps to ensure global interception. New Zealand provides the station at Waihopai (above image) and Australia supplies the Geraldton station (below image) in West Australia (which targets both Pacific and Indian Ocean Intelsats). *2

Each of the five stations’ Dictionary computers has a codename to distinguish it from others in the network. The Yakima station, for instance, located in desert country between the Saddle Mountains and Rattlesnake Hills, has the COWBOY Dictionary, while the Waihopai station has the FLINTLOCK Dictionary. These codenames are recorded at the beginning of every intercepted message, before it is transmitted around the ECHELON network, allowing analysts to recognize at which station the interception occurred.

New Zealand intelligence staff has been closely involved with the NSA’s Yakima station since 1981, when NSA pushed the GCSB to contribute to a project targeting Japanese embassy communications. Since then, all five UKUSA agencies have been responsible for monitoring diplomatic cables from all Japanese posts within the same segments of the globe they are assigned for general UKUSA monitoring.3 Until New Zealand’s integration into ECHELON with the opening of the Waihopai station in 1989, its share of the Japanese communications was intercepted at Yakima and sent unprocessed to the GCSB headquarters in Wellington for decryption, translation, and writing into UKUSA-format intelligence reports (the NSA provides the codebreaking programs).

click image to enlarge

 

COMMUNICATION" THROUGH SATELLITES

The next component of the ECHELON system intercepts a range of satellite communications not carried by Intelsat. In addition to the UKUSA stations targeting Intelsat satellites, there are another five or more stations homing in on Russian and other regional communications satellites. These stations are:

  • Menwith Hill in northern England

  • Shoal Bay, outside Darwin in northern Australia (which targets Indonesian satellites)

  • Leitrim, just south of Ottawa in Canada (which appears to intercept Latin American satellites - below image)

  • Bad Aibling in Germany

  • Misawa in northern Japan

A group of facilities that tap directly into land-based telecommunications systems is the final element of the ECHELON system. Besides satellite and radio, the other main method of transmitting large quantities of public, business, and government communications is a combination of water cables under the oceans and microwave networks over land. Heavy cables, laid across seabeds between countries, account for much of the world’s international communications. After they come out of the water and join land-based microwave networks they are very vulnerable to interception.

 

The microwave networks are made up of chains of microwave towers relaying messages from hilltop to hilltop (always in line of sight) across the countryside. These networks shunt large quantities of communications across a country. Interception of them gives access to international undersea communications (once they surface) and to international communication trunk lines across continents. They are also an obvious target for large-scale interception of domestic communications.

Because the facilities required to intercept radio and satellite communications use large aerials and dishes that are difficult to hide for too long, that network is reasonably well documented. But all that is required to intercept land-based communication networks is a building situated along the microwave route or a hidden cable running underground from the legitimate network into some anonymous building, possibly far removed. Although it sounds technically very difficult, microwave interception from space by United States spy satellites also occurs.4 The worldwide network of facilities to intercept these communications is largely undocumented, and because New Zealand’s GCSB does not participate in this type of interception, my inside sources could not help either.
 

NO ONE IS SAFE FROM A MICROWAVE

A 1994 exposé of the Canadian UKUSA agency, Spyworld, co-authored by one of its former staff, Mike Frost, gave the first insights into how a lot of foreign microwave interception is done (see p. 18). It described UKUSA "embassy collection" operations, where sophisticated receivers and processors are secretly transported to their countries’ overseas embassies in diplomatic bags and used to monitor various communications in foreign capitals. *5

Since most countries’ microwave networks converge on the capital city, embassy buildings can be an ideal site. Protected by diplomatic privilege, they allow interception in the heart of the target country. *6 The Canadian embassy collection was requested by the NSA to fill gaps in the American and British embassy collection operations, which were still occurring in many capitals around the world when Frost left the CSE in 1990. Separate sources in Australia have revealed that the DSD also engages in embassy collection. *7 On the territory of UKUSA nations, the interception of land-based telecommunications appears to be done at special secret intelligence facilities. The US, UK, and Canada are geographically well placed to intercept the large amounts of the world’s communications that cross their territories.

The only public reference to the Dictionary system anywhere in the world was in relation to one of these facilities, run by the GCHQ in central London. In 1991, a former British GCHQ official spoke anonymously to Granada Television’s World in Action about the agency’s abuses of power. He told the program about an anonymous red brick building at 8 Palmer Street where GCHQ secretly intercepts every telex which passes into, out of, or through London, feeding them into powerful computers with a program known as "Dictionary." The operation, he explained, is staffed by carefully vetted British Telecom people:

"It’s nothing to do with national security. It’s because it’s not legal to take every single telex. And they take everything: the embassies, all the business deals, even the birthday greetings, they take everything. They feed it into the Dictionary." *8

What the documentary did not reveal is that Dictionary is not just a British system; it is UKUSA-wide.

Similarly, British researcher Duncan Campbell has described how the US Menwith Hill station in Britain taps directly into the British Telecom microwave network, which has actually been designed with several major microwave links converging on an isolated tower connected underground into the station. 9

 

The NSA Menwith Hill station, with 22 satellite terminals and more than 4.9 acres of buildings, is undoubtedly the largest and most powerful in the UKUSA network. Located in northern England, several thousand kilometers from the Persian Gulf, it was awarded the NSA’s "Station of the Year" prize for 1991 after its role in the Gulf War. Menwith Hill assists in the interception of microwave communications in another way as well, by serving as a ground station for US electronic spy satellites. These intercept microwave trunk lines and short range communications such as military radios and walkie talkies.

 

Other ground stations where the satellites’ information is fed into the global network are Pine Gap (click above images) run by the CIA near Alice Springs in central Australia and the Bad Aibling station in Germany. *10 Among them, the various stations and operations making up the ECHELON network tap into all the main components of the world’s telecommunications networks. All of them, including a separate network of stations that intercepts long distance radio communications, have their own Dictionary computers connected into ECHELON.

In the early 1990s, opponents of the Menwith Hill station obtained large quantities of internal documents from the facility. Among the papers was a reference to an NSA computer system called Platform. The integration of all the UKUSA station computers into ECHELON probably occurred with the introduction of this system in the early 1980s. James Bamford wrote at that time about a new worldwide NSA computer network codenamed Platform,

"which will tie together 52 separate computer systems used throughout the world. Focal point, or `host environment,’ for the massive network will be the NSA headquarters at Fort Meade. Among those included in Platform will be the British SIGINT organization, GCHQ." *11

LOOKING IN THE DICTIONARY

The Dictionary computers are connected via highly encrypted UKUSA communications that link back to computer data bases in the five agency headquarters. This is where all the intercepted messages selected by the Dictionaries end up. Each morning the specially "indoctrinated" signals intelligence analysts in Washington, Ottawa, Cheltenham, Canberra, and Wellington log on at their computer terminals and enter the Dictionary system. After keying in their security passwords, they reach a directory that lists the different categories of intercept available in the data bases, each with a four-digit code.

 

For instance, 1911 might be Japanese diplomatic cables from Latin America (handled by the Canadian CSE), 3848 might be political communications from and about Nigeria, and 8182 might be any messages about distribution of encryption technology.

They select their subject category, get a "search result" showing how many messages have been caught in the ECHELON net on that subject, and then the day’s work begins. Analysts scroll through screen after screen of intercepted faxes, e-mail messages, etc. and, whenever a message appears worth reporting on, they select it from the rest to work on. If it is not in English, it is translated and then written into the standard format of intelligence reports produced anywhere within the UKUSA network either in entirety as a "report," or as a summary or "gist."
 

INFORMATION CONTROL

A highly organized system has been developed to control what is being searched for by each station and who can have access to it. This is at the heart of ECHELON operations and works as follows.

The individual station’s Dictionary computers do not simply have a long list of keywords to search for. And they do not send all the information into some huge database that participating agencies can dip into as they wish. It is much more controlled.

The search lists are organized into the same categories, referred to by the four digit numbers. Each agency decides its own categories according to its responsibilities for producing intelligence for the network. For GCSB, this means South Pacific governments, Japanese diplomatic, Russian Antarctic activities, and so on.

The agency then works out about 10 to 50 keywords for selection in each category. The keywords include such things as names of people, ships, organizations, country names, and subject names. They also include the known telex and fax numbers and Internet addresses of any individuals, businesses, organizations, and government offices that are targets. These are generally written as part of the message text and so are easily recognized by the Dictionary computers.

The agencies also specify combinations of keywords to help sift out communications of interest. For example, they might search for diplomatic cables containing both the words "Santiago" and "aid," or cables containing the word "Santiago" but not "consul" (to avoid the masses of routine consular communications). It is these sets of words and numbers (and combinations), under a particular category, that get placed in the Dictionary computers. (Staff in the five agencies called Dictionary Managers enter and update the keyword search lists for each agency.)

The whole system, devised by the NSA, has been adopted completely by the other agencies. The Dictionary computers search through all the incoming messages and, whenever they encounter one with any of the agencies’ keywords, they select it. At the same time, the computer automatically notes technical details such as the time and place of interception on the piece of intercept so that analysts reading it, in whichever agency it is going to, know where it came from, and what it is.

 

Finally, the computer writes the four-digit code (for the category with the keywords in that message) at the bottom of the message’s text. This is important. It means that when all the intercepted messages end up together in the database at one of the agency headquarters, the messages on a particular subject can be located again. Later, when the analyst using the Dictionary system selects the four- digit code for the category he or she wants, the computer simply searches through all the messages in the database for the ones which have been tagged with that number.

This system is very effective for controlling which agencies can get what from the global network because each agency only gets the intelligence out of the ECHELON system from its own numbers. It does not have any access to the raw intelligence coming out of the system to the other agencies. For example, although most of the GCSB’s intelligence production is primarily to serve the UKUSA alliance, New Zealand does not have access to the whole ECHELON network. The access it does have is strictly controlled. A New Zealand intelligence officer explained:

"The agencies can all apply for numbers on each other’s Dictionaries. The hardest to deal with are the Americans. ... [There are] more hoops to jump through, unless it is in their interest, in which case they’ll do it for you."

There is only one agency which, by virtue of its size and role within the alliance, will have access to the full potential of the ECHELON system the agency that set it up. What is the system used for? Anyone listening to official "discussion" of intelligence could be forgiven for thinking that, since the end of the Cold War, the key targets of the massive UKUSA intelligence machine are terrorism, weapons proliferation, and economic intelligence.

 

The idea that economic intelligence has become very important, in particular, has been carefully cultivated by intelligence agencies intent on preserving their post-Cold War budgets. It has become an article of faith in much discussion of intelligence. However, I have found no evidence that these are now the primary concerns of organizations such as NSA.
 

QUICKER INTELLIGENCE, SAME MISSION

A different story emerges after examining very detailed information I have been given about the intelligence New Zealand collects for the UKUSA allies and detailed descriptions of what is in the yards-deep intelligence reports New Zealand receives from its four allies each week. There is quite a lot of intelligence collected about potential terrorists, and there is quite a lot of economic intelligence, notably intensive monitoring of all the countries participating in GATT negotiations. But by far, the main priorities of the intelligence alliance continue to be political and military intelligence to assist the larger allies to pursue their interests around the world. Anyone and anything the particular governments are concerned about can become a target.

With capabilities so secret and so powerful, almost anything goes. For example, in June 1992, a group of current "highly placed intelligence operatives" from the British GCHQ spoke to the London Observer:

"We feel we can no longer remain silent regarding that which we regard to be gross malpractice and negligence within the establishment in which we operate."

They gave as examples GCHQ interception of three charitable organizations, including Amnesty International and Christian Aid. As the Observer reported:

"At any time GCHQ is able to home in on their communications for a routine target request," the GCHQ source said.

In the case of phone taps the procedure is known as Mantis. With telexes it is called Mayfly. By keying in a code relating to Third World aid, the source was able to demonstrate telex "fixes" on the three organizations.

"It is then possible to key in a trigger word which enables us to home in on the telex communications whenever that word appears," he said. "And we can read a pre-determined number of characters either side of the keyword."12

Without actually naming it, this was a fairly precise description of how the ECHELON Dictionary system works. Again, what was not revealed in the publicity was that this is a UKUSA-wide system. The design of ECHELON means that the interception of these organizations could have occurred anywhere in the network, at any station where the GCHQ had requested that the four-digit code covering Third World aid be placed.

Note that these GCHQ officers mentioned that the system was being used for telephone calls. In New Zealand, ECHELON is used only to intercept written communications: fax, e-mail, and telex. The reason, according to intelligence staff, is that the agency does not have the staff to analyze large quantities of telephone conversations.

Mike Frost’s exposé of Canadian "embassy collection" operations described the NSA computers they used, called Oratory, that can "listen" to telephone calls and recognize when keywords are spoken. Just as we can recognize words spoken in all the different tones and accents we encounter, so too, according to Frost, can these computers. Telephone calls containing keywords are automatically extracted from the masses of other calls and recorded digitally on magnetic tapes for analysts back at agency headquarters.

 

However, high volume voice recognition computers will be technically difficult to perfect, and my New Zealand-based sources could not confirm that this capability exists. But, if or when it is perfected, the implications would be immense. It would mean that the UKUSA agencies could use machines to search through all the international telephone calls in the world, in the same way that they do written messages. If this equipment exists for use in embassy collection, it will presumably be used in all the stations throughout the ECHELON network. It is yet to be confirmed how extensively telephone communications are being targeted by the ECHELON stations for the other agencies.

The easiest pickings for the ECHELON system are the individuals, organizations, and governments that do not use encryption. In New Zealand’s area, for example, it has proved especially useful against already vulnerable South Pacific nations which do not use any coding, even for government communications (all these communications of New Zealand’s neighbors are supplied, unscreened, to its UKUSA allies). As a result of the revelations in my book, there is currently a project under way in the Pacific to promote and supply publicly available encryption software to vulnerable organizations such as democracy movements in countries with repressive governments. This is one practical way of curbing illegitimate uses of the ECHELON capabilities.

One final comment. All the newspapers, commentators, and "well placed sources" told the public that New Zealand was cut off from US intelligence in the mid-1980s. That was entirely untrue. The intelligence supply to New Zealand did not stop, and instead, the decade since has been a period of increased integration of New Zealand into the US system. Virtually everything the equipment, manuals, ways of operating, jargon, codes, and so on, used in the GCSB continues to be imported entirely from the larger allies (in practice, usually the NSA). As with the Australian and Canadian agencies, most of the priorities continue to come from the US, too.

The main thing that protects these agencies from change is their secrecy. On the day my book arrived in the book shops, without prior publicity, there was an all-day meeting of the intelligence bureaucrats in the prime minister’s department trying to decide if they could prevent it from being distributed. They eventually concluded, sensibly, that the political costs were too high. It is understandable that they were so agitated.

Throughout my research, I have faced official denials or governments refusing to comment on publicity about intelligence activities. Given the pervasive atmosphere of secrecy and stonewalling, it is always hard for the public to judge what is fact, what is speculation, and what is paranoia. Thus, in uncovering New Zealand’s role in the NSA-led alliance, my aim was to provide so much detail about the operations the technical systems, the daily work of individual staff members, and even the rooms in which they work inside intelligence facilities that readers could feel confident that they were getting close to the truth. I hope the information leaked by intelligence staff in New Zealand about UKUSA and its systems such as ECHELON will help lead to change.